NVIDIA developed Agent Morpheus, an AI-powered system that automates the analysis of software vulnerabilities (CVEs) at enterprise scale. The system combines retrieval-augmented generation (RAG) with multiple specialized LLMs and AI agents in an event-driven workflow to analyze CVE exploitability, generate remediation plans, and produce standardized security documentation. The solution reduced CVE analysis time from hours/days to seconds and achieved a 9.3x speedup through parallel processing.
# Automated CVE Analysis Using LLMs in Production at NVIDIA
## Overview
NVIDIA developed Agent Morpheus, an enterprise-scale system that leverages generative AI to automate the analysis and remediation of software vulnerabilities (CVEs). The system addresses the growing challenge of managing security vulnerabilities in complex enterprise applications, where traditional manual analysis has become unmanageable due to the exponential growth in reported CVEs.
## System Architecture and Components
### LLM Infrastructure
- Uses four distinct Llama3 large language models:
- Deployed using NVIDIA NIM inference microservices
### Workflow Components
- Event-driven architecture triggered by container uploads
- Integration with multiple data sources:
- Custom tools for LLM augmentation:
- Security analyst dashboard for review and feedback
## Production Implementation Details
### Event-Driven Pipeline
- Automated workflow triggered by container uploads to registry
- Steps:
### Performance Optimization
- Parallel processing implementation using Morpheus cybersecurity framework
- Significant performance improvements:
### Continuous Improvement
- Human-in-the-loop feedback system:
- Integration with container registry and security tools
## Technical Innovation
### RAG Implementation
- Combines retrieval-augmented generation with AI agents
- Multiple intelligence sources integrated:
### AI Agent Capabilities
- Autonomous operation without human prompting
- Comprehensive checklist generation and execution
- Access to multiple tools and data sources
- Sophisticated reasoning about vulnerability exploitability
### Microservice Architecture
- HttpServerSourceStage for service integration
- Asynchronous and parallel execution
- Scalable to enterprise workloads
- Automated triggering from container registry events
## Production Considerations
### Scalability
- Handles thousands of LLM requests per container
- Parallel processing of independent CVEs
- Dynamic resource allocation through NIM services
- Built for enterprise-scale deployment
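
As an added illustration (not NVIDIA's code and not part of the original write-up), the sketch below shows the fan-out pattern behind parallel processing of independent CVEs: checklist items run concurrently under a cap on in-flight LLM requests, and a failed agent call routes that CVE to analyst review instead of marking it not exploitable. `ask_agent`, the status strings, the rule that any affirmative answer flags the CVE, and the sample event are all assumptions constructed for the example.

```python
import asyncio

# Constructed sample: one container-upload event. Each CVE carries checklist
# items as (question, canned answer); None simulates a failed agent call.
SAMPLE_EVENT = {
    "image": "registry.example/app:1.0",
    "cves": {
        "CVE-0000-0001": [("Function reachable?", True), ("Port exposed?", False)],
        "CVE-0000-0002": [("Affected package installed?", False)],
        "CVE-0000-0003": [("Parser enabled?", None), ("Untrusted input?", True)],
    },
}

class Limiter:
    """Semaphore that also records the peak number of in-flight calls."""
    def __init__(self, limit):
        self.sem, self.active, self.peak = asyncio.Semaphore(limit), 0, 0
    async def __aenter__(self):
        await self.sem.acquire()
        self.active += 1
        self.peak = max(self.peak, self.active)
    async def __aexit__(self, *exc):
        self.active -= 1
        self.sem.release()

async def ask_agent(question, canned, limiter):
    """Stand-in for one LLM/agent request (hypothetical, no network)."""
    async with limiter:
        await asyncio.sleep(0.01)
        if canned is None:
            raise TimeoutError(f"no answer for: {question}")
        return canned

async def analyze_cve(cve_id, items, limiter):
    """Run one CVE's checklist concurrently; any failure routes it to an analyst."""
    answers = await asyncio.gather(
        *(ask_agent(q, a, limiter) for q, a in items), return_exceptions=True)
    if any(isinstance(a, Exception) for a in answers):
        return cve_id, "needs_analyst_review"  # fail closed, never "not exploitable"
    return cve_id, "exploitable" if any(answers) else "not_exploitable"

async def analyze_event(event, max_in_flight=2):
    limiter = Limiter(max_in_flight)  # created inside the running loop
    results = await asyncio.gather(
        *(analyze_cve(c, items, limiter) for c, items in event["cves"].items()))
    return dict(results), limiter.peak

def run(event=SAMPLE_EVENT, max_in_flight=2):
    return asyncio.run(analyze_event(event, max_in_flight))
```

Note that `CVE-0000-0003` goes to review even though one of its items answered affirmatively: an incomplete checklist is treated as no verdict at all.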
### Integration
- Full integration with container registry
- Connected to internal security tools
- Automated VEX document generation
- Standardized security justification format
### Monitoring and Quality Control
- Security analyst review dashboard
- Peer review process for recommendations
- Feedback collection system
- Performance metrics tracking
## Results and Benefits
- Reduction in analysis time from hours/days to seconds
- Autonomous operation with minimal human intervention
- Standardized security documentation
- Continuous system improvement through feedback
- Enhanced scalability for enterprise deployment
- Improved accuracy through specialized model fine-tuning
## Future Considerations
- Potential for expanded tool integration
- Enhanced parallel processing capabilities
- Additional model specialization opportunities
- Extended automation possibilities